CVE-2025-48978

Published: Aug 21, 2025

Modified: Aug 21, 2025

PUBLISHED

Description

An Improper Input Validation in EdgeMAX EdgeSwitch (Version 1.11.0 and earlier) could allow a Command Injection by a malicious actor with access to EdgeSwitch adjacent network. Affected Products: EdgeMAX EdgeSwitch (Version 1.11.0 and earlier) Mitigation: Update the EdgeMAX EdgeSwitch to Version 1.11.1 or later.

Vendor	Product	Versions
Ubiquiti Inc	EdgeMAX EdgeSwitch	affected `1.11.1 - < 1.11.1`

References

https://community.ui.com/releases/Security-Advisory-Bulletin-054-054/3033f0b7-aca6-4d70-8c51-d3e706bd0ca7

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now